Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 61696c58623df55f35333c1a89b569c0111bcc42
https://github.com/WebKit/WebKit/commit/61696c58623df55f35333c1a89b569c0111bcc42
Author: Anthony Tarbinian <[email protected]>
Date: 2026-05-04 (Mon, 04 May 2026)
Changed paths:
M LayoutTests/platform/ios-site-isolation/TestExpectations
M LayoutTests/platform/mac-site-isolation/TestExpectations
M Source/WebCore/loader/NavigationRequester.cpp
M Source/WebCore/loader/NavigationRequester.h
M Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp
M Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in
M Source/WebKit/Shared/WebPageCreationParameters.h
M Source/WebKit/Shared/WebPageCreationParameters.serialization.in
M Source/WebKit/UIProcess/WebPageProxy.cpp
M Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp
M Source/WebKit/WebProcess/WebPage/WebPage.cpp
M Source/WebKit/WebProcess/WebPage/WebPage.h
Log Message:
-----------
[Site Isolation] Fix COOP violation error reporting
https://bugs.webkit.org/show_bug.cgi?id=313569
rdar://175786872
Reviewed by Chris Dumez.
Several tests in
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting
are broken with site isolation enabled.
These tests check that the browser is able to report a
Cross-Origin-Reporing-Policy (COOP) violation.
This is a feature which sends an HTTP POST request to a certain "reporting
endpoint" when a COOP
violation is detected
https://html.spec.whatwg.org/multipage/browsers.html#coop-violation-navigation-to
Here is the text diff from one of the tests:
-PASS coop reporting test A test with both COOP and COOP report only setup to
CROSS_ORIGIN with same-origin-allow-popups;
report-to="coop-popup-report-endpoint", require-corp, same-origin;
report-to="coop-popup-report-only-endpoint", require-corp
+FAIL coop reporting test A test with both COOP and COOP report only setup to
CROSS_ORIGIN with same-origin-allow-popups;
report-to="coop-popup-report-endpoint", require-corp, same-origin;
report-to="coop-popup-report-only-endpoint", require-corp promise_test:
Unhandled rejection with value: "No report matched the expected report for
endpoint: coop-report-endpoint, expected report:
{\"body\":{\"disposition\":\"enforce\",\"effectivePolicy\":\"same-origin-allow-popups\",\"nextResponseURL\":\"/uuid=(uuid)$/\",\"type\":\"navigation-from-response\"},\"url\":\"https://web-platform.test:9443/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-four-reports.https.html\",\"type\":\"coop\"},
within available reports: []"
PASS verify remaining reports
This happens because the current WebKit code in WebPage::sendReportToEndpoints
uses a LocalFrame to kick off
the HTTP POST sequence. With site isolation, the frame being navigated can be a
RemoteFrame which will cause
the LocalFrame to be null and the HTTP Post will never be sent.
Instead of sending the WebPage::sendReportToEndpoints message to the new
window's web process
(this is the page which is performing a navigation which is violating the COOP
policy),
we send the WebPage::sendReportToEndpoints message to the process of the
frame which initiated the navigation (in this case the one which called
window.open).
Here's the old IPC flow before this patch:
1. Network process -> Messages::WebPage::SendReportToEndpoints -> popup's web
process
2. Popup's web process -> coreLocalFrame() returns null -> report dropped
silently
3. The popup's web process never gets to call PingLoader::sendViolationReport
With this patch:
1. Network process -> Messages::WebPage::SendReportToEndpoints -> opener's web
process
2. Opener's web process -> PingLoader::sendViolationReport -> network process
3. Network process -> HTTP POST -> reporting endpoint server
Once the IPC was being routed to the opener frame's web process,
there was a remaining issue which was that "url" field in the violation
report was not correct for the case where a cross-origin window was being opened
and the navigation was cancelled due to a COOP violation. In this case,
CrossOriginOpenerPolicyEnforcementResult::from falls back to the opener's url
when reporting which "url" is behind the COOP violation.
This "url" normally comes from WebLoaderStrategy::scheduleLoadFromNetworkProcess
which grabs the opener's URL from the opener frame's document where it assumes
the opener is a LocalFrame. With site isolation, the opener can be a RemoteFrame
so we can't just grab its full URL.
Instead, this patch adds some state to WebPage
which tracks the opener's main frame URL. With this change, we can correctly
report the "url" responsible for the COOP violation when a cross-origin
navigation in a newly opened window is cancelled due to a COOP violation.
Additionally, there's new logic in WebPage::updateOpener to keep this
mainFrameOpenerURL in sync when the opener is updated or the relationship
is severed.
This patch fixes the following tests with
site isolation enabled:
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-four-reports.https.html
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-from-unsafe-none.https.html
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin-report-to.https.html
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-same-origin-allow-popups-report-to.https.html
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-same-origin-coep-report-to.https.html
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-same-origin-report-to.https.html
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-same-origin.https.html
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-unsafe-none-report-to.https.html
* LayoutTests/platform/ios-site-isolation/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* Source/WebCore/loader/NavigationRequester.cpp:
(WebCore::NavigationRequester::from):
* Source/WebCore/loader/NavigationRequester.h:
* Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::sendReportToEndpoints):
* Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in:
* Source/WebKit/Shared/WebPageCreationParameters.h:
* Source/WebKit/Shared/WebPageCreationParameters.serialization.in:
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::creationParameters):
* Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess):
* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::m_allowsImmersiveEnvironments):
(WebKit::WebPage::updateOpener):
* Source/WebKit/WebProcess/WebPage/WebPage.h:
Canonical link: https://commits.webkit.org/312548@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
